ET EXPLOIT_KIT probable malicious Glazunov Javascript injection
Sourceet/open
Fileemerging-exploit_kit.rules
CreatedDecember 4, 2012
UpdatedMarch 14, 2024
Classificationexploit-kit
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT_KIT probable malicious Glazunov Javascript injection"; flow:established,to_client ; flowbits:set,et.exploitkitlanding ; file.data; content:"(|22|"; distance:0; content:"|22|))|3b|"; distance:52; within:106; content:")|3b|</script></body>"; within:200; fast_pattern; pcre:"/\(\x22[0-9\x3a\x3b\x3c\x3d\x3e\x3fa-k]{50,100}\x22\).{0,200}\)\x3b<\/script><\/body>/s" ; classtype:exploit-kit; sid:2015977; rev:9; metadata:created_at 2012_12_04, signature_severity Major, updated_at 2024_03_14;)
Metadata
created at2012_12_04
signature severityMajor
updated at2024_03_14
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!